#!/bin/bash

# 临时启用IPv4可疑数据包记录
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
echo 1 > /proc/sys/net/ipv4/conf/default/log_martians

# 永久启用IPv4可疑数据包记录
if grep -q "^net.ipv4.conf.all.log_martians" /etc/sysctl.conf; then
    sed -i 's/^net.ipv4.conf.all.log_martians.*/net.ipv4.conf.all.log_martians=1/' /etc/sysctl.conf
else
    echo "net.ipv4.conf.all.log_martians=1" >> /etc/sysctl.conf
fi

if grep -q "^net.ipv4.conf.default.log_martians" /etc/sysctl.conf; then
    sed -i 's/^net.ipv4.conf.default.log_martians.*/net.ipv4.conf.default.log_martians=1/' /etc/sysctl.conf
else
    echo "net.ipv4.conf.default.log_martians=1" >> /etc/sysctl.conf
fi

# 应用配置
sysctl -p >/dev/null 2>&1

echo "可疑数据包记录配置完成"